Connection counter Libnids (¥Max number of TCP streams reached´)

Hello experts,

I have problems with the libnids library (Linux) and hop that one of you
can help me. I've implemented a small tool to sniffs the network traffic
especially on port 25 using the library libnids v. 1.21 with libpcap v.
0.9. When the programs runs approximately 24 hours the message "Max number
of TCP-Streams reached" is sent to syslog. The libnids docs (PERFORMANCE)
mentions this error message. The author describes the reason as caused
possible by low CPU performance when having much trafic. But the CPU is
70% idle.

I added a new parameter to the struct nids_params called num_tcp_con.
This parameter contains the number of concurrent TCP-sessions handled by
the libnids library (value from variable called tcp_num in tcp.c of
libnids). The value of tcp_num is allways compared with the given maximum
number of concurrent sessions (nids_params.n_tcp_streams, e.g. 1040). The
traffic is not very high (2-5 sessions / sec.) and everything is working
fine. A session is established and the counter increments. After the end
of the session the connection counter decrements. But during the day I
notice that the counter becomes bigger and bigger. It looks like that some
TCP sessions are not processed by the libnids library. When I disconnect
from the internet some connections are closed (tcp_num counter decrements)
but the counter still shows many active connections. I tested my small
programm in a "clean" network with exclusively smtp traffic and
everything is working fine. :-(

Does anybody have the same problem and an idea for the solution?
I appreciate any hint. Thanks in advance.

kind regards,
Tim

PS: If you think this content should be placed in another newsgroupe,
please give me a hint.